Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b2vELwvmKmApLOtZpqJHTNkoUCM.roa
File: b2vELwvmKmApLOtZpqJHTNkoUCM.roa (raw, json)
Hash identifier: D6hCYXiUwhHKRlTUvJQQ616woHbo23YUoa8Nr86vU2Y=
Subject key identifier: 6F:6B:C4:2F:0B:E6:2A:60:29:2C:EB:59:A6:A2:47:4C:D9:28:50:23
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FB14670F7586F222981AFFB042476
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b2vELwvmKmApLOtZpqJHTNkoUCM.roa
Signing time: Tue 02 Jan 2024 04:30:12 +0000
ROA not before: Tue 02 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200223
IP address blocks: 45.131.60.0/24 maxlen: 24
2a07:e345:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b1:46:70:f7:58:6f:22:29:81:af:fb:04:24:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f6bc42f0be62a60292ceb59a6a2474cd9285023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:77:2a:31:e9:e6:a5:54:63:8a:9d:6e:6d:6b:
0b:c6:43:58:30:1b:18:4d:95:57:ab:2c:e3:8b:24:
00:57:26:79:91:67:93:e4:b3:20:98:50:f3:fa:8b:
8a:ac:6d:0b:a8:d0:74:c1:3d:96:57:62:ff:4d:20:
62:b4:43:8f:c1:a4:4b:68:7c:35:0d:1a:d2:bc:be:
eb:66:58:33:d5:16:59:58:e9:d6:27:01:3b:70:83:
46:cd:91:41:b6:07:06:78:41:f8:1f:1c:64:83:7c:
d9:8b:75:7f:ae:61:b4:04:05:94:7f:a6:ae:bb:1d:
1d:96:28:78:fd:38:b3:18:52:9b:e1:7f:f0:80:d4:
62:15:42:2a:38:67:68:6b:8c:16:8b:cb:f6:2e:28:
04:99:8d:51:bb:93:36:05:e4:c9:56:b5:6e:0d:98:
c5:f2:f9:f4:1a:0f:f7:77:9d:90:b5:3f:49:af:b5:
66:f0:54:83:00:45:ad:bb:32:c4:fe:4e:ec:a8:6c:
83:0c:62:ad:e1:3e:9c:b3:23:bb:e9:2d:fa:7b:b4:
52:84:2f:bf:22:3f:2c:25:14:3b:80:96:ce:60:fb:
a8:ac:20:f3:01:f5:e2:ce:e8:6f:ca:c7:b0:ac:f1:
77:ed:7c:76:9d:1f:b2:15:b2:88:23:ac:0c:e8:ec:
1b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6B:C4:2F:0B:E6:2A:60:29:2C:EB:59:A6:A2:47:4C:D9:28:50:23
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b2vELwvmKmApLOtZpqJHTNkoUCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.60.0/24
IPv6:
2a07:e345:2::/48
Signature Algorithm: sha256WithRSAEncryption
06:92:01:56:bc:12:9c:ec:22:4b:eb:c9:f0:fc:19:dd:57:86:
28:01:48:2b:cb:1f:0b:76:11:b1:e7:20:e5:e3:10:0c:4c:af:
14:46:93:ce:40:b5:45:ba:5d:15:c8:e8:6a:b2:92:7d:bd:36:
4e:e7:64:96:fa:52:93:1a:d1:e7:0b:7d:01:11:d2:c4:62:0e:
6a:8c:7d:57:79:52:02:57:04:1f:4c:fc:1b:83:71:61:73:69:
ed:62:0e:33:92:b5:70:47:37:fb:df:94:50:16:a9:fb:c0:18:
cf:0b:72:98:e5:10:df:8b:a0:93:a3:bf:39:34:5f:3f:ce:85:
b5:fe:76:7f:3a:53:e5:dd:87:dc:e2:67:95:c8:0c:2b:1a:bf:
29:11:6a:28:b4:1e:bd:f2:57:9b:e0:1b:70:3b:3c:8d:8b:42:
61:93:a1:9a:a5:3e:d8:62:f4:3f:71:3f:9c:9c:db:d8:5d:7a:
1c:69:23:a3:ae:06:3a:5f:f9:ee:b1:80:d5:58:ba:df:ca:94:
75:fd:05:c4:d1:b4:30:96:0c:3c:7f:8b:ba:f7:85:27:fb:59:
10:67:ba:0c:b7:1a:be:20:62:b4:90:e3:44:7d:78:fe:ff:8c:
77:a3:7f:3f:7c:50:72:e8:80:67:94:b2:7f:91:de:57:16:2c:
78:3c:d7:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIb7FGcPdYbyIpga/7BCR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjZiYzQyZjBiZTYyYTYwMjkyY2ViNTlhNmEyNDc0Y2Q5Mjg1MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXcqMenmpVRjip1ubWsLxkNYMBsY
TZVXqyzjiyQAVyZ5kWeT5LMgmFDz+ouKrG0LqNB0wT2WV2L/TSBitEOPwaRLaHw1
DRrSvL7rZlgz1RZZWOnWJwE7cINGzZFBtgcGeEH4Hxxkg3zZi3V/rmG0BAWUf6au
ux0dlih4/TizGFKb4X/wgNRiFUIqOGdoa4wWi8v2LigEmY1Ru5M2BeTJVrVuDZjF
8vn0Gg/3d52QtT9Jr7Vm8FSDAEWtuzLE/k7sqGyDDGKt4T6csyO76S36e7RShC+/
Ij8sJRQ7gJbOYPuorCDzAfXizuhvysewrPF37Xx2nR+yFbKII6wM6OwbQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG9rxC8L5ipgKSzrWaaiR0zZKFAjMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYjJ2RUx3dm1LbUFwTE90WnBxSkhUTmtvVUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALYM8MA8E
AgACMAkDBwAqB+NFAAIwDQYJKoZIhvcNAQELBQADggEBAAaSAVa8EpzsIkvryfD8
Gd1XhigBSCvLHwt2EbHnIOXjEAxMrxRGk85AtUW6XRXI6Gqykn29Nk7nZJb6UpMa
0ecLfQER0sRiDmqMfVd5UgJXBB9M/BuDcWFzae1iDjOStXBHN/vflFAWqfvAGM8L
cpjlEN+LoJOjvzk0Xz/OhbX+dn86U+Xdh9ziZ5XIDCsavykRaii0Hr3yV5vgG3A7
PI2LQmGToZqlPthi9D9xP5yc29hdehxpI6OuBjpf+e6xgNVYut/KlHX9BcTRtDCW
DDx/i7r3hSf7WRBnugy3Gr4gYrSQ40R9eP7/jHejfz98UHLogGeUsn+R3lcWLHg8
1zw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:26:31 2024 by rpki-client on console-fra.rpki-client.org